zookeeper-dev mailing list archives

Site index · List index
Message view « Date » · « Thread »
Top « Date » · « Thread »
From eolivelli <...@git.apache.org>
Subject [GitHub] zookeeper pull request #710: ZOOKEEPER-3195: TLS - disable client-initiated ...
Date Wed, 21 Nov 2018 20:24:02 GMT
Github user eolivelli commented on a diff in the pull request:

    https://github.com/apache/zookeeper/pull/710#discussion_r235529044
  
    --- Diff: zookeeper-server/src/main/java/org/apache/zookeeper/common/X509Util.java ---
    @@ -60,6 +60,12 @@
     public abstract class X509Util {
         private static final Logger LOG = LoggerFactory.getLogger(X509Util.class);
     
    +    static {
    +        // Client-initiated renegotiation in TLS is unsafe and
    +        // allows MITM attacks, so we should always disable it.
    +        System.setProperty("jdk.tls.rejectClientInitiatedRenegotiation", "true");
    --- End diff --
    
    Anyway we are in server context, it is better to have this setting on.
    
    The only thing we can do to enhance this change is trying not to override explicit settings
from the user.
    So I would write:
    
    If System.getProperty(...) == null...System.setProperty(...)
    
    This way if there is a bug in JVM and you want to not enable this mechanism you can set
the property explicitly to false and this block won't touch the property
    
    What do you think?


---

Mime
View raw message